Office of Audit Services Charter
The Office of Audit Services (OAS) provides assurance and advisory services that are independent, objective and risk-based in order to protect Montana State University (University) and improve its operations.
For purposes of this Charter, University means all campuses, entities, agencies and affiliated organizations that report directly or indirectly to the President of Montana State University (President).
120.00 INDEPENDENCE AND ACCOUNTABILITY
To ensure for the independence of OAS, the Director of OAS (Director), in the discharge of his/her duties, shall be directly accountable to the President. OAS staff report to the Director.
To further ensure for the independence of OAS, the Director will provide a summary of activities and confirm organizational independence to the Commissioner of Higher Education (Commissioner) at least annually.
130.10 The Director and staff of OAS have responsibility to:
- Develop a flexible, risk-based annual plan of work, considering the input of management, and submit that plan and significant interim changes to the President for review and approval.
- Implement the approved annual plan, including special projects requested by the President.
- Evaluate risk management, control and governance of the University consistent with this Charter and with the approved annual plan. This may include evaluating significant new or changing services, processes and operations coincident with their development, implementation and/or expansion.
- Provide advisory services regarding risk management, control and governance of the University as agreed upon with management.
- Communicate significant issues related to risk management, control and governance of the University, including potential improvements, to appropriate levels of management and provide information concerning such issues through resolution.
- Investigate and assist in the investigation of significant suspected fiscal misconduct within the University and notify the President of the results.
- Maintain a professional audit staff with sufficient knowledge, skills and other competencies to meet the requirements of this Charter.
- Consider the scope of work of other internal and external parties, as appropriate, to help ensure proper coverage and minimize duplication of efforts.
- Coordinate with other control and monitoring functions (e.g., risk management, compliance, security, legal, ethics, environmental health & safety and external audit).
- Coordinate activities of external auditors with university management.
- Administer the MSU Compliance Hotline.
- Periodically provide information to the President on OAS activities and results relative to the annual plan, as well as to the sufficiency of OAS resources.
- Communicate to the President and Commissioner on the quality assurance and improvement program, including results of ongoing internal assessments and external assessments conducted at least every five years.
130.20 These responsibilities may be in relation to all University objectives and processes, which include, but are not limited to:
- Monitoring and evaluating the systems established to ensure compliance with those policies, plans, procedures, laws, and regulations which could have a significant impact on the organization.
- Monitoring that significant legislative or regulatory issues impacting the University are recognized and addressed appropriately.
- Evaluating the means of safeguarding assets and, as appropriate, verifying the existence of such assets.
- Evaluating the effectiveness and efficiency with which resources are employed.
- Evaluating the reliability and integrity of information and the means used to identify, measure, classify, and report such information.
- Monitoring and evaluating the effectiveness of the organization's risk management processes.
- Monitoring and evaluating governance processes.
- Evaluating operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being carried out as planned.
- Monitoring that quality and continuous improvement are fostered in University operations.
140.10 The Director and staff of OAS are authorized to:
- Have unrestricted access to all functions, data, records, property, technology and personnel.
- Have full and free access to the President.
- Allocate resources, set frequencies, select subjects, determine scopes of work and apply the techniques required to fulfill its mission and responsibilities.
- Obtain the necessary assistance of personnel in units/functions of the University where they provide services and obtain other specialized services from within or outside the University.
140.20 The Director and staff of OAS are not authorized to:
- Perform any operational duties for the University external to OAS.
- Make management decisions external to OAS. University management is responsible for the University's risk management, control and governance processes.
- Initiate or approve fiscal transactions, implement internal controls, develop procedures, install systems, prepare records or engage in any other activity external to OAS that may impair auditor independence.
- Direct the activities of any University employee not employed by OAS, except to the extent such employees have been appropriately assigned to assist OAS.
150.00 STANDARDS OF AUDIT PRACTICE
OAS will act in accordance with the principles of integrity, objectivity, confidentiality and competency as required by The Institute of Internal Auditors' Code of Ethics and will adhere to the International Standards for the Professional Practice of Internal Auditing.
160.00 DIRECTOR PERSONNEL MATTERS
Action to demote, dismiss or not renew the contract of the Director requires the concurrence of the President and the Commissioner.
Revision approved by Commissioner Clayton Christian and President Waded Cruzado on February 10, 2016.
Revision approved by Commissioner Clayton Christian and President Waded Cruzado on October 13, 2013.
Revision approved by President Geoff Gamble on April 14, 2008.
Adopted in early 2000s.